Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d4797699-eef4-401b-a6e7-1f5cf1f3e7de.roa
File: d4797699-eef4-401b-a6e7-1f5cf1f3e7de.roa (raw, json)
Hash identifier: pgbeuB0hdHRmmfTYR+Gj4YOOGjWi/05vNp5e0mSFYAQ=
Subject key identifier: E0:68:52:14:78:58:31:6F:D3:2B:F8:5D:FC:6F:6F:3D:5F:D7:1A:09
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 180EC2F4A9E23DD65328EBC5269C2E1CF38E2894
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d4797699-eef4-401b-a6e7-1f5cf1f3e7de.roa
Signing time: Fri 25 Apr 2025 18:20:13 +0000
ROA not before: Fri 25 Apr 2025 18:20:13 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:9040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:0e:c2:f4:a9:e2:3d:d6:53:28:eb:c5:26:9c:2e:1c:f3:8e:28:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:20:13 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=97553355a9ef2c240c8368ad69945053594bfda5cb999c817a234a4e60c3c68a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:a1:ba:00:b9:28:57:c9:b0:5f:fb:86:5c:86:
f6:ac:2f:3a:30:7e:ff:1e:c8:1f:ab:1b:76:46:94:
f7:a5:b1:05:cf:51:2e:ae:15:98:e5:a3:9d:0c:ff:
95:1f:a9:e0:1e:6a:e8:20:fd:7a:0f:42:f4:71:be:
73:a2:58:7f:8f:d2:0e:03:7c:aa:4e:e1:d6:9a:84:
da:d6:e0:06:c5:dc:86:f8:93:09:b7:52:04:d3:f8:
9f:d5:83:b1:27:1e:75:58:ea:f7:1f:26:4a:73:f0:
2a:a4:8c:8a:c2:2a:30:04:8a:65:2a:1f:5d:17:68:
c4:98:99:01:7e:e0:75:2a:99:f8:78:ad:04:1b:63:
0d:07:77:cc:f0:0e:6f:d9:2f:06:27:0c:c5:aa:54:
b4:74:e1:d2:1b:db:98:54:e2:17:ad:33:2a:bf:6e:
2d:6c:36:c8:eb:cf:a6:e3:c6:53:59:af:c8:00:f0:
37:9e:f6:3b:18:06:f7:62:9d:7b:ae:37:a0:e0:ed:
e6:ff:88:24:1d:83:81:2e:2f:81:e8:20:fc:19:23:
dd:d0:5b:e7:6b:0b:ce:91:00:62:ea:5b:90:4b:14:
64:78:b8:54:1e:ba:42:90:dc:62:c4:3d:6d:c0:07:
62:b4:c0:c5:ea:ba:60:67:9f:ad:55:35:09:27:2c:
7d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:68:52:14:78:58:31:6F:D3:2B:F8:5D:FC:6F:6F:3D:5F:D7:1A:09
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d4797699-eef4-401b-a6e7-1f5cf1f3e7de.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:9040::/48
Signature Algorithm: sha256WithRSAEncryption
3f:53:66:d4:21:f8:a7:1e:36:50:a3:cf:12:ac:2d:f9:1c:41:
ef:de:2b:ea:6d:dc:1b:17:07:e9:6f:31:17:d6:84:4e:24:f4:
4e:f9:6f:68:1b:6d:b8:34:f5:24:59:a0:03:fd:fe:e6:dc:6f:
91:ab:f1:ba:b5:9a:6e:39:29:88:0e:03:fa:7d:d8:2b:08:66:
48:da:ec:41:a7:55:1f:78:1b:2e:3e:a0:35:02:dd:cb:b4:ab:
58:21:0e:ef:88:4d:a7:a1:4f:d4:04:2e:0d:25:a9:9d:9c:36:
76:40:fe:38:ce:2c:fd:fd:f2:ea:17:d7:9e:91:83:3e:ce:a5:
21:96:fe:f9:63:36:bc:73:65:62:37:30:42:a7:01:e4:97:52:
72:b8:45:cc:cb:75:cf:e3:51:36:84:0d:d5:1c:d3:10:e0:d1:
87:32:67:ae:51:28:ab:68:ed:3d:33:7e:87:3c:22:ab:a7:5c:
e5:86:ae:aa:8f:49:03:6f:ee:be:29:36:4f:90:b4:0f:89:59:
8c:fe:a8:4e:3a:ab:29:b1:d2:e4:a4:28:7d:1b:5c:f0:b1:b2:
d7:02:52:06:4b:5e:2c:02:63:9e:29:f5:8b:46:61:8e:e0:1b:
4a:de:74:1d:55:67:09:75:b8:9e:ef:5b:a9:f3:3e:3c:70:ac:
94:5d:36:89
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGA7C9KniPdZTKOvFJpwuHPOOKJQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODIwMTNaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDk3NTUzMzU1YTllZjJjMjQwYzgzNjhhZDY5OTQ1MDUzNTk0YmZkYTVjYjk5
OWM4MTdhMjM0YTRlNjBjM2M2OGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ6hugC5KFfJsF/7hlyG9qwvOjB+/x7IH6sbdkaU96WxBc9RLq4VmOWjnQz/
lR+p4B5q6CD9eg9C9HG+c6JYf4/SDgN8qk7h1pqE2tbgBsXchviTCbdSBNP4n9WD
sScedVjq9x8mSnPwKqSMisIqMASKZSofXRdoxJiZAX7gdSqZ+HitBBtjDQd3zPAO
b9kvBicMxapUtHTh0hvbmFTiF60zKr9uLWw2yOvPpuPGU1mvyADwN572OxgG92Kd
e643oODt5v+IJB2DgS4vgegg/Bkj3dBb52sLzpEAYupbkEsUZHi4VB66QpDcYsQ9
bcAHYrTAxeq6YGefrVU1CScsfV0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTgaFIU
eFgxb9Mr+F38b289X9caCTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDQ3OTc2OTktZWVmNC00MDFiLWE2ZTctMWY1Y2YxZjNlN2RlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HSQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAP1Nm1CH4px42UKPPEqwt+RxB794r6m3cGxcH
6W8xF9aETiT0TvlvaBttuDT1JFmgA/3+5txvkavxurWabjkpiA4D+n3YKwhmSNrs
QadVH3gbLj6gNQLdy7SrWCEO74hNp6FP1AQuDSWpnZw2dkD+OM4s/f3y6hfXnpGD
Ps6lIZb++WM2vHNlYjcwQqcB5JdScrhFzMt1z+NRNoQN1RzTEODRhzJnrlEoq2jt
PTN+hzwiq6dc5Yauqo9JA2/uvik2T5C0D4lZjP6oTjqrKbHS5KQofRtc8LGy1wJS
BkteLAJjnin1i0ZhjuAbSt50HVVnCXW4nu9bqfM+PHCslF02iQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:29 2025 by rpki-client